Linked by Thom Holwerda on Wed 16th Dec 2009 21:38 UTC, submitted by whorider
Privacy, Security, Encryption This news is already a week old, but it only got submitted to us today, and I didn't notice it all. As it turns out, two malicious software packages had been uploaded to, masquerading as valid .deb packages (a GNOME screensaver and theme, respectively).
Permalink for comment 399988
To read all comments associated with this story, please click here.
Bottom Line
by fretinator on Wed 16th Dec 2009 22:15 UTC
Member since:

On any operating system, when you install 3rd-party applications, you can be compromised. On Windows, all those helpful little utilities, games, etc. you install - any of them has the potential to hose your system. Same goes for Linux, Mac, BSD, etc. That is why I like the packaging systems in Linux and BSD. I've never been hosed, I have thousands of applications available, and all of my applications stay up-to-date. Very rarely will I install a 3rd-party application. I just did for Chrome Beta for Linux. I trusted Google enough to trust their package. For me, that is the only exception.

I would say this is probably the main security weakness in Windows. You have to install 3rd-party applications to get much useful done. You have to be very careful. It is not just whether or not you trust the company, but also have they been unknowingly compromised (by a virus at their company), or is there a backdoor built in for the government. It's very hard to tell.

Edited 2009-12-16 22:27 UTC

Reply Score: 10